Home Unlabelled IBM Security Bulletin: IBM Notes Privilege escalation in IBM Notes Smart Update Service

IBM Security Bulletin: IBM Notes Privilege escalation in IBM Notes Smart Update Service

By
Saturday, February 10, 2018
Read
Add Comment

IBM iNotes SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM Plans to address this vulnerability by providing a fix.

CVE(s): CVE-2017-1711

Affected product(s) and affected version(s):

IBM Notes 9.0.1 to 9.0.1 FP10
IBM Notes 9.0 to 9.0 IF4
IBM Notes 8.5.3 to 8.5.3 FP6 IF15
IBM Notes 8.5.2 to 8.5.2 FP4 IF3
IBM Notes 8.5.1. to 8.5.1 FP5 IF3
IBM Notes 8.5 release

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22010775
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134532

The post IBM Security Bulletin: IBM Notes Privilege escalation in IBM Notes Smart Update Service appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2EdK7mu
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us